When filtering traffic to localhost (127.0.0.1), it causes Maven repository synchronization to fail in IntelliJ IDEA. However, Maven works correctly when local traffic is not filtered. I will provide a minimal code reproduction below.
- (void)startFilterWithCompletionHandler:(void (^)(NSError *error))completionHandler {
// Add code to initialize the filter
NSMutableArray *rules = [NSMutableArray array];
NENetworkRule * rule = [[NENetworkRule alloc] initWithRemoteNetwork:nil remotePrefix:0 localNetwork:nil localPrefix:0 protocol:NENetworkRuleProtocolTCP direction:NETrafficDirectionAny];
[rules addObject:[[NEFilterRule alloc]initWithNetworkRule:rule action:NEFilterActionFilterData]];
rule = [[NENetworkRule alloc] initWithRemoteNetwork:nil remotePrefix:0 localNetwork:nil localPrefix:0 protocol:NENetworkRuleProtocolUDP direction:NETrafficDirectionAny];
[rules addObject:[[NEFilterRule alloc]initWithNetworkRule:rule action:NEFilterActionFilterData]];
NWHostEndpoint *hostEndpointIpv4 = [NWHostEndpoint endpointWithHostname:@"127.0.0.1" port:@"0"];
NENetworkRule *localHostRuleIpv4 = [[NENetworkRule alloc] initWithRemoteNetwork:hostEndpointIpv4
remotePrefix:32
localNetwork:hostEndpointIpv4
localPrefix:32
protocol:NENetworkRuleProtocolAny
direction:NETrafficDirectionAny];
[rules addObject:[[NEFilterRule alloc]initWithNetworkRule:localHostRuleIpv4 action:NEFilterActionFilterData]];
NEFilterSettings *filterSetting = [[NEFilterSettings alloc] initWithRules:rules defaultAction:NEFilterActionAllow];
[self applySettings:filterSetting completionHandler:^(NSError * _Nullable error) {
if (error) {
NSLog(@"Failed to apply filter settring: %@", error.localizedDescription);
}
completionHandler(error);
}];
}
Maven Sync error:
System Log:
默认 17:35:13.184509+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so 3bb6402f58a82e37 - flags 0x800840 0x80> lport 63166 fport 29735 laddr 127.0.0.1 faddr 127.0.0.1
默认 17:35:13.184510+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so d6dde374c8cb613b - flags 0x800840 0x80> lport 63165 fport 29735 laddr 127.0.0.1 faddr 127.0.0.1
默认 17:35:13.529546+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so cc915e74ba29f8cb - flags 0x800840 0x80> lport 63169 fport 39066 laddr 127.0.0.1 faddr 127.0.0.1
默认 17:35:13.529546+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so 2e15c3e54ebcc45 - flags 0x800840 0x80> lport 63168 fport 39066 laddr 127.0.0.1 faddr 127.0.0.1
默认 17:35:14.046094+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so 71f6d3a53472131f - flags 0x800840 0x80> lport 63172 fport 53241 laddr 127.0.0.1 faddr 127.0.0.1
默认 17:35:14.046145+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so c88a367c9717185b - flags 0x800840 0x80> lport 63171 fport 53241 laddr 127.0.0.1 faddr 127.0.0.1
Environment Details: Operating System: macOS 15.5 (Sequoia) IDE: IntelliJ IDEA 2025.1 Relevant Technology: NEFilterDataProvider (Network Extension)
I have found reports of similar problems online:
-
https://discussionschinese.apple.com/thread/255270330?sortBy=rank
-
https://blog.csdn.net/weixin_42339552/article/details/137402307
They all seem to be caused by network extension。